On Mon, 13 Apr 2009, Andrew Morton wrote: > > > > > > > > - rcu_read_lock_bh(); > > > > - private = rcu_dereference(table->private); > > > > - table_base = rcu_dereference(private->entries[smp_processor_id()]); > > > > + local_bh_disable(); > > > > + spin_lock(&__get_cpu_var(ip_tables_lock)); > > > > > > spin_lock_bh()? > > > > No. get_cpu_var implies smp_processor_id which is not safe > > without preempt_disable (ie bh disable). > > spin_lock_bh() will dtrt, but spelling it out seems a good idea. No, spin_lock_bh() will _not_ do the right thing. On UP it will actually work for two reasons: it will work because (a) it's UP, so there are no issues with smp_processor_id() to beging with, but also because even if there _were_ issues, it would still work because it would all expand as a macro, and the preempt_disable() will actually happen before the argument is evaluated. But on SMP, spin_lock_bh() expands to just _spin_lock_bh(), and is a real function - and the argument will be evaluated before the call (obviously), and thus before the preempt_disable(). So local_bh_disable(); spin_lock(&__get_cpu_var(ip_tables_lock)); is correct, and spin_lock_bh(&__get_cpu_var(ip_tables_lock)); is _not_ correct. The latter will do "&__get_cpu_var(ip_tables_lock)" with no protection from the process being switched to another CPU. Linus -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
